Cyber Security

Protecting the Ballot Boxes and Building Confidence in the Integrity of Elections

esteria.white
By esteria.white Add a Comment

Critical Infrastructure

What cyber threats could wreak havoc in this year’s elections and how concerned should we as voters be about the integrity of our voting systems?

Phil Muncaster

March 12, 2024

,
4 minutes. read

Election Cybersecurity: Protecting Ballot Boxes and Building Confidence in Election Integrity

This year, billions of people will go to the polls to choose their next political leaders. From India to the United States, the results of these and other elections could shape geopolitics for years to come. Faced with the scale of the stakes, concerns are growing about electoral interference.

So, what are the real and present cyber threats? deepfake disinformation threat? What types of guarantees exist to prove the integrity of voting systems? And how concerned should we as voters be?

What is at stake?

In 2024, national or regional elections will be held in the United States, the European Union, the United Kingdom, India, Taiwan, South Africa, Mexico and many other countries. On paper, nation-states, hacktivists, or even money-motivated criminals could target online election infrastructure to change votes, or interfere with voter registration databases to deprive individuals of their rights. in mass. They could also seek to disrupt Election Day activity by targeting online machines or other infrastructure elements that could make it more difficult for citizens to get out and vote. Another scenario concerns attacks targeting the communication of results, in order to sow doubt about the result.

So there are a lot of issues at stake in terms of outside forces that can change or influence election results in order to elect the candidate they want. But there is also good news.

The good news

Despite some claims that the 2020 US election was “stolen”, no proof to save this. In fact, the United States Cybersecurity and Infrastructure Security Agency (CISA) has published a long list of rebuttals to some of the most common rumors about election interference. They include claims that:

  • election officials regularly update voter registration lists to ensure they are as accurate and current as possible
  • Various security measures exist to protect the integrity of mail-in ballots, including voter ID checks
  • there are robust safeguards to protect against tampering, with ballots returned via a drop box
  • Federal, state, and/or local election authorities rigorously test and certify voting machines and equipment for vulnerabilities.
  • signature matching, information checks and other measures are designed to protect against voter impersonation and ineligible voters casting ballots

There’s another reason to have confidence in the integrity of elections: In countries like the United States, there are different types of voting machines and recording technologies. They manage activities at all stages of the electoral cycle, including:

  • pre-election activities: think about voter registration and mail-in voting management.
  • election day: includes Direct Record Electronic (DRE) voting machines (where users vote directly) and optical scanning voting where paper ballots are scanned and votes counted. The results are then submitted and centralized electronically.
  • post-election activities: includes post-election audits and the publication of unofficial election night results on public websites.

There is some concern regarding DRE machines if they could be remotely compromised. On the other hand, in the United States, as in many other countries, this is not the primary way of voting. And the use of technology in general is so decentralized and diversified across the country, it would be extremely difficult for a single entity to hack and alter the results enough to effectively influence an election.

Where are the main threats?

However, there are still well-founded fears that bad actors could prey on a neighborhood or city in several swing states. Even if they cannot change the results, they could theoretically undermine confidence in the results by making it difficult for individuals to vote or by interfering with the reporting of results.

CISA identifies three key cyber threats:

  • Ransomware : This could be used to steal and leak voter registration data, or deny access to sensitive information about voters and election results. It could also be used to disrupt key operational processes such as registration and application submission.
  • Phishing: This is a particular threat to election officials, who must open email attachments as part of their daily work. Threat actors could easily conceal their malicious payloads with social engineering lures exploiting election themes. The result could be a secret download of ransomware, information-stealing malware, or other malicious code.
  • Denial of Service (DoS): Distributed denial of service (DDoS) attacks could prevent voters from accessing key information that would help them vote, such as the location of the nearest polling station or information about major candidates. The Indonesian General Election Commission said he recently lived an “extraordinary” number of such attacks against its own site and other sites during national elections.

Ensuring election security

The good news is that the topic of election security is now very much in the mainstream, with CISA offering many resources to election agencies that administrators in other countries could benefit from. The safest form of voting is of course voting on paper. And this is how most votes take place in many countries, including the United Kingdom, the European Union and the United States. But as long as the voting register and electoral infrastructure is targeted, concerns will persist.

Best practices for mitigating phishing, ransomware, and DoS threats will remain valid in this context. They include regular penetration testing and vulnerability management/patch programs, multi-factor authentication (MFA), and network segmentation. Fortunately, there are also many vendors on the market that offer DDoS mitigation, phishing detection, and rapid ransomware response in the cloud.

In many ways, the greatest threat to election integrity will come from disinformation campaigns, including deepfakes. And the “hack and leak” attempts to influence opinion in the run-up to election day, as it happened ahead of the 2016 US presidential election. Many of us hope that wherever we vote and whatever happens, the outcome will not be called into question.

Leave a comment
Lost your password?